Omarexala

**Name of the Vulnerable Software and Affected Versions** keerti1924 PHP-MYSQL-User-Login-System version 1.0 **Description** A problematic vulnerability was found in the keerti1924 PHP-MYSQL-User-Login-System. The issue affects an unknown function of the file /signup.php. By manipulating the `username` argument with malicious input, such as `<script>alert("xss")</script>`, it is possible to launch a cross-site scripting attack remotely. The exploit has been publicly disclosed. **Recommendations** For keerti1924 PHP-MYSQL-User-Login-System version 1.0, as a temporary workaround, consider validating and sanitizing the `username` input to prevent cross-site scripting attacks. Restrict access to the /signup.php file until a proper fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** keerti1924 PHP-MYSQL-User-Login-System version 1.0 **Description** A critical issue has been found, affecting an unknown functionality of the file /edit.php, leading to improper access controls. The attack can be launched remotely. **Recommendations** For keerti1924 PHP-MYSQL-User-Login-System version 1.0, consider restricting access to the /edit.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** keerti1924 PHP-MYSQL-User-Login-System version 1.0 **Description** A critical issue was found in the keerti1924 PHP-MYSQL-User-Login-System, affecting some unknown functionality of the file /edit.php. This issue leads to sql injection and can be exploited remotely. The exploit has been disclosed to the public. The vendor was contacted about this issue but did not respond. **Recommendations** For keerti1924 PHP-MYSQL-User-Login-System version 1.0, consider disabling access to the /edit.php file until a patch is available to prevent sql injection attacks. Restrict remote access to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.